From basic malware to ransomware, WannaCry and Petya, the impact of malicious attacks has been huge. Whether they target a hospital in the UK, a car plant in France or an Ukrainian tax preparation program, these attacks are designed to spread quickly leaving a huge mess in their wake.
It is still unclear if money has been the primary motive of these hackers. $50,000 in three days at $300 per demand from WannaCry is not bad money for most people and would have been much more if a kill switch hadn’t slowed its spread. However, there seems to be more behind it that bitcoin deposits.
The latest global attack that began in Ukraine demanded the same amount of money from each victim but the destination email address was shut down so the funds did not go through and the computers were not unlocked. At this time, there does not appear to be any follow up communication to obtain the money.
Giving up on the “ransom” so quickly leads experts to wonder about the real motivation behind these attacks. Easy money is an obvious reason. However, there may be more sinister ambitions lurking in the shadows of malware. There is an emerging chaos theory of ransomware attacks.
Just think of the political, social and economic mayhem caused by cyberattacks. The first wave of WannaCry left 200,000 victims in more than 150 countries, including:
- More than 29,000 institutions in China, many of which were educational institutions
- Transportation infrastructure
- 2,000 computers at 600 locations in Japan, including Nissan and Hitachi
- Two hospitals in Jakarta
- Government services
- 20% of Britain’s National Health Service regional offices that run clinics and hospitals
The fallout affected companies, government and individuals. Imagine the financial loss from downtime in a car plant such as Renault which stayed closed an extra day to do preventative work against hacking. Cancellation of some of the medical tests and surgeries created life threatening situations.
The silver lining to the stormy cloud of uncertainty and frustration is that organizations have looked more seriously at their vulnerability to such attacks. Unfortunately, healthcare service providers in many countries operate on older, more vulnerable technology as their money goes into direct patient care such as imaging equipment. Also, universities often have large, older systems. Now all these institutions are rising to the challenge of patching their systems and investing in newer technology.
Although prevention is obviously the first line of defense, it might not be sufficient. If, as many experts speculate, the real motivation is political, the attackers will return in force with more robust tools. In fact, what has been done to date with ransomware might simply be a distraction from a longer term plan.
For example, there has been much discussion about the role of pro-Russian hackers, especially the foreign presence detected in the election process of the US and France. And, it does seem too much of a co-incidence that the release of Petya on Ukrainian tax software happened the day before Ukraine’s Constitution Day, a celebration of independence from the old Soviet Union.
In his book, “Cyber Security and the Politics of Time”, Tim Stevens, a lecturer in global security at King’s College London, warns of the emergence of a Pearl Harbour kind of cyber attack which will produce global repercussions. Unfortunately, the more sophisticated the technology infrastructure, the more vulnerable it is. Stevens refers to the “digital underbelly” of the US being exposed in a way that makes it very difficult even for governments to provide total security.
The chaos, hostility and blame laying of ransomware and other malware are threats to be recognized.
Even if a small business is not a specific target, it can be infected and affected by a malware attack on a large entity. The fallout is far reaching. The best defense is prevention.
Whether large or small, each organization has a responsibility to do its own risk assessment and make sure its IT systems are the best possible. The team at Digital6 Technologies are ready to assess operations and develop a customized solution such as ShareSync with its data encryption function to ensure the highest level of security. Contact a Digital6 certified architect now for cloud services that provide peace of mind while listening to news about cyberattacks.